@highway1/core 0.1.53 → 0.1.55

package/src/messaging/rate-limiter.ts

@@ -1,85 +0,0 @@
-/**
- * Token Bucket Rate Limiter
- *
- * Classic token bucket algorithm for per-sender rate limiting.
- * Tokens refill at a constant rate up to capacity.
- */
-
-export interface TokenBucketConfig {
-  capacity: number;    // Max tokens (burst size)
-  refillRate: number;  // Tokens per millisecond
-}
-
-export class TokenBucket {
-  private tokens: number;
-  private lastRefill: number;
-  private readonly capacity: number;
-  private readonly refillRate: number; // tokens per ms
-
-  constructor(config: TokenBucketConfig, initialTokens?: number, lastRefill?: number) {
-    this.capacity = config.capacity;
-    this.refillRate = config.refillRate;
-    this.tokens = initialTokens ?? config.capacity;
-    this.lastRefill = lastRefill ?? Date.now();
-  }
-
-  /** Attempt to consume one token. Returns true if allowed. */
-  consume(): boolean {
-    this.refill();
-    if (this.tokens >= 1) {
-      this.tokens -= 1;
-      return true;
-    }
-    return false;
-  }
-
-  getRemaining(): number {
-    this.refill();
-    return Math.floor(this.tokens);
-  }
-
-  /** Milliseconds until at least one token is available */
-  getResetTime(): number {
-    this.refill();
-    if (this.tokens >= 1) return 0;
-    const needed = 1 - this.tokens;
-    return Math.ceil(needed / this.refillRate);
-  }
-
-  /** Serialize state for persistence */
-  toState(): { tokens: number; lastRefill: number } {
-    return { tokens: this.tokens, lastRefill: this.lastRefill };
-  }
-
-  private refill(): void {
-    const now = Date.now();
-    const elapsed = now - this.lastRefill;
-    const newTokens = elapsed * this.refillRate;
-    this.tokens = Math.min(this.capacity, this.tokens + newTokens);
-    this.lastRefill = now;
-  }
-}
-
-/**
- * Rate limiter tiers based on trust score
- */
-export interface RateLimitTiers {
-  /** Trust < 0.3: new/unknown agents */
-  newAgent: TokenBucketConfig;
-  /** Trust 0.3–0.6: established agents */
-  established: TokenBucketConfig;
-  /** Trust > 0.6: trusted agents */
-  trusted: TokenBucketConfig;
-}
-
-export const DEFAULT_RATE_LIMIT_TIERS: RateLimitTiers = {
-  newAgent:    { capacity: 10,   refillRate: 10   / (60 * 1000) }, // 10/min, burst 10
-  established: { capacity: 100,  refillRate: 60   / (60 * 1000) }, // 60/min, burst 100
-  trusted:     { capacity: 1000, refillRate: 600  / (60 * 1000) }, // 600/min, burst 1000
-};
-
-export function getTierConfig(trustScore: number, tiers: RateLimitTiers): TokenBucketConfig {
-  if (trustScore >= 0.6) return tiers.trusted;
-  if (trustScore >= 0.3) return tiers.established;
-  return tiers.newAgent;
-}

package/src/messaging/router.ts

@@ -1,209 +0,0 @@
-import type { MessageEnvelope } from './envelope.js';
-import type { RelayClient } from '../transport/relay-client.js';
-import { encodeMessage, decodeMessage } from './codec.js';
-import { validateEnvelope, verifyEnvelope } from './envelope.js';
-import { createLogger } from '../utils/logger.js';
-import { MessagingError } from '../utils/errors.js';
-import { extractPublicKey } from '../identity/did.js';
-import { verify } from '../identity/keys.js';
-
-const logger = createLogger('router');
-
-export type MessageHandler = (
-  envelope: MessageEnvelope
-) => Promise<MessageEnvelope | void>;
-
-export interface MessageRouter {
-  registerHandler: (protocol: string, handler: MessageHandler) => void;
-  unregisterHandler: (protocol: string) => void;
-  registerCatchAllHandler: (handler: MessageHandler) => void;
-  sendMessage: (envelope: MessageEnvelope) => Promise<MessageEnvelope | void>;
-  start: () => Promise<void>;
-  stop: () => Promise<void>;
-}
-
-/**
- * Create a message router using relay client (CVP-0011)
- */
-export function createMessageRouter(
-  relayClient: RelayClient,
-  verifyFn: (signature: Uint8Array, data: Uint8Array) => Promise<boolean>
-): MessageRouter {
-  const handlers = new Map<string, MessageHandler>();
-  let catchAllHandler: MessageHandler | undefined;
-
-  // Map to track pending requests waiting for responses
-  const pendingRequests = new Map<string, {
-    resolve: (envelope: MessageEnvelope | undefined) => void;
-    timeout: NodeJS.Timeout;
-  }>();
-
-  return {
-    registerHandler: (protocol: string, handler: MessageHandler) => {
-      handlers.set(protocol, handler);
-      logger.info('Registered message handler', { protocol });
-    },
-
-    unregisterHandler: (protocol: string) => {
-      handlers.delete(protocol);
-      logger.info('Unregistered message handler', { protocol });
-    },
-
-    registerCatchAllHandler: (handler: MessageHandler) => {
-      catchAllHandler = handler;
-      logger.info('Registered catch-all message handler');
-    },
-
-    sendMessage: async (envelope: MessageEnvelope) => {
-      try {
-        if (!validateEnvelope(envelope)) {
-          throw new MessagingError('Invalid message envelope');
-        }
-
-        const encoded = encodeMessage(envelope);
-        await relayClient.sendEnvelope(envelope.to, encoded);
-
-        logger.info('Message sent via relay', {
-          id: envelope.id,
-          from: envelope.from,
-          to: envelope.to,
-          protocol: envelope.protocol,
-        });
-
-        // If this is a request, wait for response
-        if (envelope.type === 'request') {
-          logger.debug('Waiting for response to request', { id: envelope.id });
-
-          const RESPONSE_TIMEOUT = 30000; // 30 seconds (CVP-0010 §4.2)
-
-          return new Promise<MessageEnvelope | undefined>((resolve) => {
-            const timeout = setTimeout(() => {
-              pendingRequests.delete(envelope.id);
-              logger.warn('Response timeout', { id: envelope.id, timeout: RESPONSE_TIMEOUT });
-              resolve(undefined);
-            }, RESPONSE_TIMEOUT);
-
-            pendingRequests.set(envelope.id, { resolve, timeout });
-          });
-        }
-
-        return undefined;
-      } catch (error) {
-        if (error instanceof MessagingError) throw error;
-        throw new MessagingError('Failed to send message', error);
-      }
-    },
-
-    start: async () => {
-      // Register handler for incoming DELIVER messages
-      relayClient.onDeliver(async (deliverMsg) => {
-        try {
-          const envelope = decodeMessage(deliverMsg.envelope);
-
-          if (!validateEnvelope(envelope)) {
-            logger.warn('Received invalid message envelope');
-            return;
-          }
-
-          // Verify signature against sender DID embedded public key
-          const isValidSignature = await verifyEnvelope(envelope, async (signature, data) => {
-            const senderPublicKey = extractPublicKey(envelope.from);
-            return verify(signature, data, senderPublicKey);
-          });
-          if (!isValidSignature) {
-            logger.warn('Received message with invalid signature', {
-              id: envelope.id,
-              from: envelope.from,
-            });
-            return;
-          }
-
-          // Optional caller-supplied verification hook (e.g. policy checks)
-          try {
-            const { signature, ...envelopeWithoutSig } = envelope;
-            const dataBytes = new TextEncoder().encode(JSON.stringify(envelopeWithoutSig));
-            const signatureBytes = Buffer.from(signature, 'hex');
-            const hookValid = await verifyFn(signatureBytes, dataBytes);
-            if (!hookValid) {
-              logger.warn('Message rejected by custom verifier', {
-                id: envelope.id,
-                from: envelope.from,
-              });
-              return;
-            }
-          } catch (error) {
-            logger.warn('Custom verification hook failed', {
-              id: envelope.id,
-              from: envelope.from,
-              error: (error as Error).message,
-            });
-            return;
-          }
-
-          logger.info('Received message', {
-            id: envelope.id,
-            from: envelope.from,
-            to: envelope.to,
-            protocol: envelope.protocol,
-            type: envelope.type,
-          });
-
-          // Check if this is a response to a pending request
-          if (envelope.type === 'response' && envelope.replyTo) {
-            const pending = pendingRequests.get(envelope.replyTo);
-            if (pending) {
-              clearTimeout(pending.timeout);
-              pendingRequests.delete(envelope.replyTo);
-              pending.resolve(envelope);
-              logger.info('Matched response to pending request', {
-                requestId: envelope.replyTo,
-                responseId: envelope.id,
-              });
-              return;
-            }
-          }
-
-          // Dispatch to handler
-          const handler = handlers.get(envelope.protocol);
-          let response: MessageEnvelope | void = undefined;
-
-          if (handler) {
-            response = await handler(envelope);
-          } else if (catchAllHandler) {
-            logger.debug('Using catch-all handler for protocol', { protocol: envelope.protocol });
-            response = await catchAllHandler(envelope);
-          } else {
-            logger.warn('No handler for protocol', { protocol: envelope.protocol });
-          }
-
-          // Send response back if handler returned one
-          if (response) {
-            const encoded = encodeMessage(response);
-            await relayClient.sendEnvelope(response.to, encoded);
-            logger.info('Sent response back to sender', {
-              responseId: response.id,
-              replyTo: response.replyTo,
-            });
-          }
-        } catch (error) {
-          logger.error('Error handling incoming message', error);
-        }
-      });
-
-      logger.info('Message router started');
-    },
-
-    stop: async () => {
-      // Clear all pending requests
-      for (const [, pending] of pendingRequests.entries()) {
-        clearTimeout(pending.timeout);
-        pending.resolve(undefined);
-      }
-      pendingRequests.clear();
-
-      handlers.clear();
-      catchAllHandler = undefined;
-      logger.info('Message router stopped');
-    },
-  };
-}

package/src/messaging/storage.ts

@@ -1,281 +0,0 @@
-/**
- * Message Storage - LevelDB operations for message queue
- *
- * Key schema:
- *   msg:inbound:{timestamp}:{id}   → StoredMessage
- *   msg:outbound:{timestamp}:{id}  → StoredMessage
- *   block:{did}                    → BlocklistEntry
- *   allow:{did}                    → AllowlistEntry
- *   seen:{messageId}               → SeenEntry
- *   rate:{did}                     → RateLimitState
- *   idx:from:{did}:{timestamp}:{id} → '1'
- */
-
-import { Level } from 'level';
-import { createLogger } from '../utils/logger.js';
-import type {
-  StoredMessage,
-  BlocklistEntry,
-  AllowlistEntry,
-  SeenEntry,
-  RateLimitState,
-  MessageFilter,
-  PaginationOptions,
-  MessagePage,
-} from './types.js';
-
-const logger = createLogger('message-storage');
-
-export class MessageStorage {
-  private db: Level<string, any>;
-  private ready = false;
-
-  constructor(dbPath: string) {
-    this.db = new Level<string, any>(dbPath, { valueEncoding: 'json' });
-  }
-
-  async open(): Promise<void> {
-    await this.db.open();
-    this.ready = true;
-    logger.info('Message storage opened');
-  }
-
-  async close(): Promise<void> {
-    if (this.ready) {
-      await this.db.close();
-      this.ready = false;
-      logger.info('Message storage closed');
-    }
-  }
-
-  // ─── Message Operations ───────────────────────────────────────────────────
-
-  async putMessage(msg: StoredMessage): Promise<void> {
-    const ts = String(msg.receivedAt ?? msg.sentAt ?? Date.now()).padStart(16, '0');
-    const key = `msg:${msg.direction}:${ts}:${msg.envelope.id}`;
-    await this.db.put(key, msg);
-
-    // Secondary index by sender
-    const idxKey = `idx:from:${msg.envelope.from}:${ts}:${msg.envelope.id}`;
-    await this.db.put(idxKey, '1');
-  }
-
-  async getMessage(id: string): Promise<StoredMessage | null> {
-    // Scan both directions since we don't know the timestamp
-    for (const direction of ['inbound', 'outbound'] as const) {
-      const prefix = `msg:${direction}:`;
-      for await (const [, value] of this.db.iterator<string, StoredMessage>({
-        gte: prefix,
-        lte: prefix + '\xff',
-        valueEncoding: 'json',
-      })) {
-        if (value.envelope.id === id) return value;
-      }
-    }
-    return null;
-  }
-
-  async updateMessage(id: string, updates: Partial<StoredMessage>): Promise<void> {
-    const msg = await this.getMessage(id);
-    if (!msg) return;
-    const ts = String(msg.receivedAt ?? msg.sentAt ?? Date.now()).padStart(16, '0');
-    const key = `msg:${msg.direction}:${ts}:${id}`;
-    await this.db.put(key, { ...msg, ...updates });
-  }
-
-  async deleteMessage(id: string): Promise<void> {
-    const msg = await this.getMessage(id);
-    if (!msg) return;
-    const ts = String(msg.receivedAt ?? msg.sentAt ?? Date.now()).padStart(16, '0');
-    const key = `msg:${msg.direction}:${ts}:${id}`;
-    const idxKey = `idx:from:${msg.envelope.from}:${ts}:${id}`;
-    await this.db.batch([
-      { type: 'del', key },
-      { type: 'del', key: idxKey },
-    ]);
-  }
-
-  async queryMessages(
-    direction: 'inbound' | 'outbound',
-    filter: MessageFilter = {},
-    pagination: PaginationOptions = {}
-  ): Promise<MessagePage> {
-    const { limit = 50, offset = 0 } = pagination;
-    const prefix = `msg:${direction}:`;
-    const results: StoredMessage[] = [];
-    let total = 0;
-    let skipped = 0;
-
-    for await (const [, value] of this.db.iterator<string, StoredMessage>({
-      gte: prefix,
-      lte: prefix + '\xff',
-      reverse: true, // newest first
-      valueEncoding: 'json',
-    })) {
-      if (!this.matchesFilter(value, filter)) continue;
-      total++;
-      if (skipped < offset) { skipped++; continue; }
-      if (results.length < limit) results.push(value);
-    }
-
-    return {
-      messages: results,
-      total,
-      hasMore: total > offset + results.length,
-    };
-  }
-
-  private matchesFilter(msg: StoredMessage, filter: MessageFilter): boolean {
-    if (filter.fromDid) {
-      const froms = Array.isArray(filter.fromDid) ? filter.fromDid : [filter.fromDid];
-      if (!froms.includes(msg.envelope.from)) return false;
-    }
-    if (filter.toDid) {
-      const tos = Array.isArray(filter.toDid) ? filter.toDid : [filter.toDid];
-      if (!tos.includes(msg.envelope.to)) return false;
-    }
-    if (filter.protocol) {
-      const protos = Array.isArray(filter.protocol) ? filter.protocol : [filter.protocol];
-      if (!protos.includes(msg.envelope.protocol)) return false;
-    }
-    if (filter.type && msg.envelope.type !== filter.type) return false;
-    if (filter.unreadOnly && msg.readAt != null) return false;
-    if (filter.status) {
-      const statuses = Array.isArray(filter.status) ? filter.status : [filter.status];
-      if (!statuses.includes(msg.status)) return false;
-    }
-    if (filter.maxAge) {
-      const age = Date.now() - (msg.receivedAt ?? msg.sentAt ?? 0);
-      if (age > filter.maxAge) return false;
-    }
-    if (filter.minTrustScore != null && (msg.trustScore ?? 0) < filter.minTrustScore) return false;
-    return true;
-  }
-
-  async countMessages(direction: 'inbound' | 'outbound', filter: MessageFilter = {}): Promise<number> {
-    const prefix = `msg:${direction}:`;
-    let count = 0;
-    for await (const [, value] of this.db.iterator<string, StoredMessage>({
-      gte: prefix,
-      lte: prefix + '\xff',
-      valueEncoding: 'json',
-    })) {
-      if (this.matchesFilter(value, filter)) count++;
-    }
-    return count;
-  }
-
-  // ─── Blocklist ────────────────────────────────────────────────────────────
-
-  async putBlock(entry: BlocklistEntry): Promise<void> {
-    await this.db.put(`block:${entry.did}`, entry);
-  }
-
-  async getBlock(did: string): Promise<BlocklistEntry | null> {
-    try {
-      return await this.db.get(`block:${did}`);
-    } catch {
-      return null;
-    }
-  }
-
-  async deleteBlock(did: string): Promise<void> {
-    try { await this.db.del(`block:${did}`); } catch { /* not found */ }
-  }
-
-  async listBlocked(): Promise<BlocklistEntry[]> {
-    const results: BlocklistEntry[] = [];
-    for await (const [, value] of this.db.iterator<string, BlocklistEntry>({
-      gte: 'block:',
-      lte: 'block:\xff',
-      valueEncoding: 'json',
-    })) {
-      results.push(value);
-    }
-    return results;
-  }
-
-  // ─── Allowlist ────────────────────────────────────────────────────────────
-
-  async putAllow(entry: AllowlistEntry): Promise<void> {
-    await this.db.put(`allow:${entry.did}`, entry);
-  }
-
-  async getAllow(did: string): Promise<AllowlistEntry | null> {
-    try {
-      return await this.db.get(`allow:${did}`);
-    } catch {
-      return null;
-    }
-  }
-
-  async deleteAllow(did: string): Promise<void> {
-    try { await this.db.del(`allow:${did}`); } catch { /* not found */ }
-  }
-
-  async listAllowed(): Promise<AllowlistEntry[]> {
-    const results: AllowlistEntry[] = [];
-    for await (const [, value] of this.db.iterator<string, AllowlistEntry>({
-      gte: 'allow:',
-      lte: 'allow:\xff',
-      valueEncoding: 'json',
-    })) {
-      results.push(value);
-    }
-    return results;
-  }
-
-  // ─── Seen Cache ───────────────────────────────────────────────────────────
-
-  async putSeen(entry: SeenEntry): Promise<void> {
-    await this.db.put(`seen:${entry.messageId}`, entry);
-  }
-
-  async getSeen(messageId: string): Promise<SeenEntry | null> {
-    try {
-      return await this.db.get(`seen:${messageId}`);
-    } catch {
-      return null;
-    }
-  }
-
-  async cleanupSeen(maxAgeMs: number): Promise<void> {
-    const cutoff = Date.now() - maxAgeMs;
-    const toDelete: string[] = [];
-    for await (const [key, value] of this.db.iterator<string, SeenEntry>({
-      gte: 'seen:',
-      lte: 'seen:\xff',
-      valueEncoding: 'json',
-    })) {
-      if (value.seenAt < cutoff) toDelete.push(key);
-    }
-    await this.db.batch(toDelete.map((key) => ({ type: 'del' as const, key })));
-  }
-
-  // ─── Rate Limit State ─────────────────────────────────────────────────────
-
-  async putRateLimit(state: RateLimitState): Promise<void> {
-    await this.db.put(`rate:${state.did}`, state);
-  }
-
-  async getRateLimit(did: string): Promise<RateLimitState | null> {
-    try {
-      return await this.db.get(`rate:${did}`);
-    } catch {
-      return null;
-    }
-  }
-
-  async cleanupRateLimits(maxAgeMs: number): Promise<void> {
-    const cutoff = Date.now() - maxAgeMs;
-    const toDelete: string[] = [];
-    for await (const [key, value] of this.db.iterator<string, RateLimitState>({
-      gte: 'rate:',
-      lte: 'rate:\xff',
-      valueEncoding: 'json',
-    })) {
-      if (value.lastRefill < cutoff) toDelete.push(key);
-    }
-    await this.db.batch(toDelete.map((key) => ({ type: 'del' as const, key })));
-  }
-}